Tonnet · E-Lan Hybrid Recording System · CVE-2026-9003
**Name of the Vulnerable Software and Affected Versions**
E-LAN Hybrid Recording System (affected versions not specified)
**Description**
The E-LAN Hybrid Recording System developed by TONNET contains a SQL Injection flaw. This allows unauthenticated remote attackers to inject arbitrary SQL commands to read database contents. SQL Injection is a type of vulnerability that occurs when an attacker can interfere with the queries that an application makes to its database.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.